RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rename authentication method from 'basic_auth' to 'single_factor'

pull/175/head
Clement Michaud 2017-10-19 00:33:02 +02:00
parent 563e2da323
commit cd0a93f027
8 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -192,7 +192,7 @@ Check out [config.template.yml] to see how they are defined.
### Basic Authentication
Authelia allows you to customize the authentication method to use for each sub-domain.
The supported methods are either "basic_auth" and "two_factor".
The supported methods are either "single_factor" and "two_factor".
Please see [config.template.yml] to see an example of configuration.
### Session management with Redis

4
config.template.yml
View File

@ -63,7 +63,7 @@ ldap:
# Authentication methods
#
# Authentication methods can be defined per subdomain.
# There are currently two available methods: "basic_auth" and "two_factor"
# There are currently two available methods: "single_factor" and "two_factor"
#
# Note: by default a domain uses "two_factor" method.
#
@ -74,7 +74,7 @@ ldap:
authentication_methods:
default_method: two_factor
per_subdomain_methods:
basicauth.test.local: basic_auth
basicauth.test.local: single_factor
# Access Control
#

2
server/src/lib/configuration/Configuration.d.ts vendored
View File

@ -113,7 +113,7 @@ export interface RegulationConfiguration {
ban_time: number;
}
declare type AuthenticationMethod = 'two_factor' | 'basic_auth';
declare type AuthenticationMethod = 'two_factor' | 'single_factor';
declare type AuthenticationMethodPerSubdomain = { [subdomain: string]: AuthenticationMethod }
export interface AuthenticationMethodsConfiguration {

2
server/src/lib/routes/firstfactor/post.ts
View File

@ -70,7 +70,7 @@ export default function (vars: ServerVariables) {
vars.logger.debug(req, "Mark successful authentication to regulator.");
vars.regulator.mark(username, true);
if (authMethod == "basic_auth") {
if (authMethod == "single_factor") {
res.send({
redirect: redirectUrl
});

10
server/test/AuthenticationMethodCalculator.test.ts
View File

@ -9,23 +9,23 @@ describe("test authentication method calculator", function() {
per_subdomain_methods: {}
};
const options2: AuthenticationMethodsConfiguration = {
default_method: "basic_auth",
default_method: "single_factor",
per_subdomain_methods: {}
};
const calculator1 = new AuthenticationMethodCalculator(options1);
const calculator2 = new AuthenticationMethodCalculator(options2);
Assert.equal(calculator1.compute("www.example.com"), "two_factor");
Assert.equal(calculator2.compute("www.example.com"), "basic_auth");
Assert.equal(calculator2.compute("www.example.com"), "single_factor");
});
it("should return overridden method when sub domain method is defined", function() {
const options1: AuthenticationMethodsConfiguration = {
default_method: "two_factor",
per_subdomain_methods: {
"www.example.com": "basic_auth"
"www.example.com": "single_factor"
}
};
const calculator1 = new AuthenticationMethodCalculator(options1);
Assert.equal(calculator1.compute("www.example.com"), "basic_auth");
Assert.equal(calculator1.compute("www.example.com"), "single_factor");
});
});
});

14
server/test/configuration/adapters/AuthenticationMethodsAdapter.test.ts
View File

@ -18,7 +18,7 @@ describe("test authentication methods configuration adapter", function () {
it("should adapt a configuration when default_method is not defined", function () {
const userConfiguration: any = {
per_subdomain_methods: {
"example.com": "basic_auth"
"example.com": "single_factor"
}
};
@ -26,34 +26,34 @@ describe("test authentication methods configuration adapter", function () {
Assert.deepStrictEqual(appConfiguration, {
default_method: "two_factor",
per_subdomain_methods: {
"example.com": "basic_auth"
"example.com": "single_factor"
}
});
});
it("should adapt a configuration when per_subdomain_methods is not defined", function () {
const userConfiguration: any = {
default_method: "basic_auth"
default_method: "single_factor"
};
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "basic_auth",
default_method: "single_factor",
per_subdomain_methods: {}
});
});
it("should adapt a configuration when per_subdomain_methods has wrong type", function () {
const userConfiguration: any = {
default_method: "basic_auth",
default_method: "single_factor",
per_subdomain_methods: []
};
const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
Assert.deepStrictEqual(appConfiguration, {
default_method: "basic_auth",
default_method: "single_factor",
per_subdomain_methods: {}
});
});
});
});
});

2
server/test/routes/verify/get.test.ts
View File

@ -162,7 +162,7 @@ describe("test /verify endpoint", function () {
};
req.headers["host"] = "redirect.url";
mocks.config.authentication_methods.per_subdomain_methods = {
"redirect.url": "basic_auth"
"redirect.url": "single_factor"
};
});

4
test/features/basic-auth.feature → test/features/single-factor.feature
View File

@ -1,4 +1,4 @@
Feature: User can access certain subdomains with basic auth
Feature: User can access certain subdomains with single factor
@need-registered-user-john
Scenario: User is redirected to service after first factor if allowed
@ -7,7 +7,7 @@ Feature: User can access certain subdomains with basic auth
Then I'm redirected to "https://basicauth.test.local:8080/secret.html"
@need-registered-user-john
Scenario: Redirection after first factor fails if basic_auth not allowed. It redirects user to first factor.
Scenario: Redirection after first factor fails if single_factor not allowed. It redirects user to first factor.
When I visit "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html"
And I login with user "john" and password "password"
Then I'm redirected to "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html"